<?php
include('function/config.php');
error_reporting(E_ALL & ~E_NOTICE);
@ob_start();
@session_start();

if($_SESSION["position_id"]=='1'){
	header('Location: sale/index.php');
	exit();
}

if($_SESSION["position_id"]=='2'){
	header('Location: manager/index.php');
	exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link rel=StyleSheet HREF="stylesheet/stylesheet.css" TYPE="text/css" MEDIA=screen>
        <link rel="shortcut icon" href="image/Letter-T.ico" />
            <title><?php echo $config['title'];?></title>

<script>
function setFocus(){
document.frmlogin.username.focus();
}
</script>
    </head>
    <?php
    include ("connect/connect.php");

    if (isset($_GET["action"])) {
        if ($_POST["username"] != "" && $_POST["password"] != "") {
            $sqluser = "SELECT user_id,user_username,user_password,user_name,user_surname,position_id FROM user WHERE user_username='" . $_POST["username"] . "' AND user_password='" . $_POST["password"] . "'";
            $result = mysql_query($sqluser);
            $row = mysql_fetch_assoc($result);
            $num = mysql_num_rows($result);

            if ($num == 1) {
                if ($row["position_id"] <= 1) {
				    $_SESSION["user_id"] = $row["user_id"];
                    $_SESSION["user_username"] = $row["user_username"];
                    $_SESSION["user_name"] = $row["user_name"];
                    $_SESSION["user_surname"] = $row["user_surname"];
                    $_SESSION["position_id"] = $row["position_id"];
                    session_write_close();

                    echo "<script>window.location = 'sale/index.php'</script>";
                }
                
          		 if ($row["position_id"] == '2') {
					$_SESSION["user_id"] = $row["user_id"];
                    $_SESSION["user_username"] = $row["user_username"];
                    $_SESSION["user_name"] = $row["user_name"];
                    $_SESSION["user_surname"] = $row["user_surname"];
                    $_SESSION["position_id"] = $row["position_id"];
                    session_write_close();

                    echo "<script>window.location = 'manager/index.php'</script>";
                }
            } else {
                $error_warning = "ชื่อผู้ใช้งาน หรือ รหัสผ่านผิด";
            }
        } else {
            $error_warning = "กรุณากรอกข้อมูลให้ครบ";
        }
    }
    ?>
    <body onload="setFocus()">
        <div id="header">
            <div class="div1"><?php echo $config['header'];?></div>
        </div>
        <div id="content">
            <div class="box" style="width: 300px; min-height: 200px; margin-top: 40px; margin-left: auto; margin-right: auto;">
                <div class="left"></div>
                <div class="right"></div>
                <div class="heading">
                    <h1 style="background-image: url('image/lockscreen.png');">เข้าสู่ระบบ</h1>
                </div>
                <div class="content" style="min-height: 150px;">
                    <?php if ($error_warning) {
 ?>
                        <div class="warning" style="padding: 3px;"><?php echo $error_warning; ?></div>
<?php } ?>
                    <form action="index.php?action=login" name="frmlogin" id="frmlogin" method="post" >
                        <table>
                            <tr>
                                <td style="text-align: center;" rowspan="4"><img src="image/login.png" alt="login" />&nbsp;&nbsp;&nbsp;</td>
                            </tr>
                            <tr>
                                <td>ชื่อผู้ใช้งานระบบ :<br />
                                    <input type="text" name="username" style="margin-top: 4px;" onkeydown="if(event.keyCode==13){frmlogin.submit();}" />
                                    <br />
                                    <br />
                                    รหัสผ่าน :<br />
                                    <input type="password" name="password" style="margin-top: 4px;" onkeydown="if(event.keyCode==13){frmlogin.submit();}" /></td>
                            </tr>
                            <tr>
                                <td>&nbsp;</td>
                            </tr>
                            <tr>
                                <td style="text-align: right;"><a onclick="frmlogin.submit();" class="button"><span>เข้าสู่ระบบ</span></a></td>
                            </tr>
                        </table>
                        
                    </form>
                </div>
            </div>
        </div>
    </body>
</html>